fix-suggestions

To fix suggestions
Lovina Saldanha 2021-01-15 17:03:25 +05:30
parent c331cfda2c
commit 472b62781d
5 changed files with 25 additions and 25 deletions


@ -51,7 +51,7 @@ Learn how to deploy Defender for Endpoint for Android on Intune Company Portal -
center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \> center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \>
**Android Apps** \> **Add \> Android store app** and choose **Select**. **Android Apps** \> **Add \> Android store app** and choose **Select**.
![Image of Microsoft Endpoint Manager Admin Center](images/mda-addandroidstoreapp.png) ![Image of Microsoft Endpoint Manager Admin Center1](images/mda-addandroidstoreapp.png)
2. On the **Add app** page and in the *App Information* section enter: 2. On the **Add app** page and in the *App Information* section enter:
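Review bot: The new alt text on the `images/mda-addandroidstoreapp.png` line, "Image of Microsoft Endpoint Manager Admin Center1", is unique only because of the trailing digit and still tells a screen-reader user nothing about what the screenshot shows. Suggest describing the step the image illustrates (the **Add \> Android store app** selection from the line above it) instead of numbering a generic caption.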
@ -63,7 +63,7 @@ center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \>
Other fields are optional. Select **Next**. Other fields are optional. Select **Next**.
![Image of Microsoft Endpoint Manager Admin Center](images/mda-addappinfo.png) ![Image of Microsoft Endpoint Manager Admin Center2](images/mda-addappinfo.png)
3. In the *Assignments* section, go to the **Required** section and select **Add group.** You can then choose the user group(s) that you would like to target Defender for Endpoint for Android app. Choose **Select** and then **Next**. 3. In the *Assignments* section, go to the **Required** section and select **Add group.** You can then choose the user group(s) that you would like to target Defender for Endpoint for Android app. Choose **Select** and then **Next**.
@ -71,14 +71,14 @@ center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \>
>The selected user group should consist of Intune enrolled users. >The selected user group should consist of Intune enrolled users.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of Microsoft Endpoint Manager Admin Center](images/363bf30f7d69a94db578e8af0ddd044b.png) > ![Image of Microsoft Endpoint Manager Admin Center3](images/363bf30f7d69a94db578e8af0ddd044b.png)
4. In the **Review+Create** section, verify that all the information entered is correct and then select **Create**. 4. In the **Review+Create** section, verify that all the information entered is correct and then select **Create**.
In a few moments, the Defender for Endpoint app would be created successfully, and a notification would show up at the top-right corner of the page. In a few moments, the Defender for Endpoint app would be created successfully, and a notification would show up at the top-right corner of the page.
![Image of Microsoft Endpoint Manager Admin Center](images/86cbe56f88bb6e93e9c63303397fc24f.png) ![Image of Microsoft Endpoint Manager Admin Center4](images/86cbe56f88bb6e93e9c63303397fc24f.png)
5. In the app information page that is displayed, in the **Monitor** section, 5. In the app information page that is displayed, in the **Monitor** section,
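Review bot: The suffixes "Center3" and "Center4" on the two image lines here encode the screenshot's position in the page, so adding or removing any image above them means renumbering every later alt text to keep the sequence. Content-based alt text avoids that; for these two, the surrounding steps already supply the wording (the **Required** group assignment, and the notification after **Create**).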
@ -86,7 +86,7 @@ select **Device install status** to verify that the device installation has
completed successfully. completed successfully.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of Microsoft Endpoint Manager Admin Center](images/513cf5d59eaaef5d2b5bc122715b5844.png) > ![Image of Microsoft Endpoint Manager Admin Center5](images/513cf5d59eaaef5d2b5bc122715b5844.png)
### Complete onboarding and check status ### Complete onboarding and check status
@ -123,14 +123,14 @@ center](https://go.microsoft.com/fwlink/?linkid=2109431) , go to **Apps** \>
**Android Apps** \> **Add** and select **Managed Google Play app**. **Android Apps** \> **Add** and select **Managed Google Play app**.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of Microsoft Endpoint Manager admin center](images/579ff59f31f599414cedf63051628b2e.png) > ![Image of Microsoft Endpoint Manager admin center6](images/579ff59f31f599414cedf63051628b2e.png)
2. On your managed Google Play page that loads subsequently, go to the search 2. On your managed Google Play page that loads subsequently, go to the search
box and lookup **Microsoft Defender.** Your search should display the Microsoft box and lookup **Microsoft Defender.** Your search should display the Microsoft
Defender for Endpoint app in your Managed Google Play. Click on the Microsoft Defender for Endpoint app from the Apps search result. Defender for Endpoint app in your Managed Google Play. Click on the Microsoft Defender for Endpoint app from the Apps search result.
![Image of Microsoft Endpoint Manager admin center](images/0f79cb37900b57c3e2bb0effad1c19cb.png) ![Image of Microsoft Endpoint Manager admin center7](images/0f79cb37900b57c3e2bb0effad1c19cb.png)
3. In the App description page that comes up next, you should be able to see app 3. In the App description page that comes up next, you should be able to see app
details on Defender for Endpoint. Review the information on the page and then details on Defender for Endpoint. Review the information on the page and then
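Review bot: On the `579ff59f...` and `0f79cb37...` image lines the counter continues from the earlier hunks as "admin center6" and "admin center7", but in lower case, while the earlier ones read "Admin Center1" to "Admin Center5". Since every one of these alt texts is being edited anyway, pick one casing for the product name and apply it throughout.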
@ -180,7 +180,7 @@ Defender ATP should be visible in the apps list.
1. In the **Apps** page, go to **Policy > App configuration policies > Add > Managed devices**. 1. In the **Apps** page, go to **Policy > App configuration policies > Add > Managed devices**.
![Image of Microsoft Endpoint Manager admin center](images/android-mem.png) ![Image of Microsoft Endpoint Manager admin center8](images/android-mem.png)
1. In the **Create app configuration policy** page, enter the following details: 1. In the **Create app configuration policy** page, enter the following details:
@ -200,19 +200,19 @@ Defender ATP should be visible in the apps list.
Then select **OK**. Then select **OK**.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of create app configuration policy](images/android-create-app-config.png) > ![Image of create app configuration policy1](images/android-create-app-config.png)
1. You should now see both the permissions listed and now you can autogrant both by choosing autogrant in the **Permission state** drop-down and then select **Next**. 1. You should now see both the permissions listed and now you can autogrant both by choosing autogrant in the **Permission state** drop-down and then select **Next**.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of create app configuration policy](images/android-auto-grant.png) > ![Image of create app configuration policy2](images/android-auto-grant.png)
1. In the **Assignments** page, select the user group to which this app config policy would be assigned to. Click **Select groups to include** and selecting the applicable group and then selecting **Next**. The group selected here is usually the same group to which you would assign Microsoft Defender for Endpoint Android app. 1. In the **Assignments** page, select the user group to which this app config policy would be assigned to. Click **Select groups to include** and selecting the applicable group and then selecting **Next**. The group selected here is usually the same group to which you would assign Microsoft Defender for Endpoint Android app.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of create app configuration policy](images/android-select-group.png) > ![Image of create app configuration policy3](images/android-select-group.png)
1. In the **Review + Create** page that comes up next, review all the information and then select **Create**. <br> 1. In the **Review + Create** page that comes up next, review all the information and then select **Create**. <br>
@ -220,7 +220,7 @@ Defender ATP should be visible in the apps list.
The app configuration policy for Defender for Endpoint autogranting the storage permission is now assigned to the selected user group. The app configuration policy for Defender for Endpoint autogranting the storage permission is now assigned to the selected user group.
> [!div class="mx-imgBorder"] > [!div class="mx-imgBorder"]
> ![Image of create app configuration policy](images/android-review-create.png) > ![Image of create app configuration policy4](images/android-review-create.png)
10. Select **Microsoft Defender ATP** app in the list \> **Properties** \> 10. Select **Microsoft Defender ATP** app in the list \> **Properties** \>
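Review bot: The context lines around the changed `android-review-create.png` image mix product names: the sentence above it says "Defender for Endpoint", while step 10 and the hunk header context still say "Microsoft Defender ATP" and "Defender ATP". If the app is listed under the old name in the portal, say so explicitly; otherwise align the names while this section is being touched.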


@ -58,11 +58,11 @@ For the Application registration stage, you must have a **Global administrator**
- **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear.
![Image of API access and API selection](images/add-permission.png) ![Image of API access and API selection1](images/add-permission.png)
- Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions** - Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions**
![Image of API access and API selection](images/application-permissions.png) ![Image of API access and API selection2](images/application-permissions.png)
**Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example! **Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example!
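Review bot: The second image, `images/application-permissions.png`, keeps the caption of the first with a digit appended ("Image of API access and API selection2") although it follows the **Application permissions** > **Alert.Read.All** step, not the API selection step. Suggest an alt text that names the application permissions view, so the two screenshots are distinguishable by content and not by number.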


@ -31,7 +31,7 @@ Automating security procedures is a standard requirement for every modern Securi
Microsoft Defender API has an official Flow Connector with many capabilities. Microsoft Defender API has an official Flow Connector with many capabilities.
![Image of edit credentials](images/api-flow-0.png) ![Image of edit credentials1](images/api-flow-0.png)
## Usage example ## Usage example
@ -41,15 +41,15 @@ The following example demonstrates how to create a Flow that is triggered any ti
2. Go to **My flows** > **New** > **Automated-from blank**. 2. Go to **My flows** > **New** > **Automated-from blank**.
![Image of edit credentials](images/api-flow-1.png) ![Image of edit credentials2](images/api-flow-1.png)
3. Choose a name for your Flow, search for "Microsoft Defender ATP Triggers" as the trigger, and then select the new Alerts trigger. 3. Choose a name for your Flow, search for "Microsoft Defender ATP Triggers" as the trigger, and then select the new Alerts trigger.
![Image of edit credentials](images/api-flow-2.png) ![Image of edit credentials3](images/api-flow-2.png)
Now you have a Flow that is triggered every time a new Alert occurs. Now you have a Flow that is triggered every time a new Alert occurs.
![Image of edit credentials](images/api-flow-3.png) ![Image of edit credentials4](images/api-flow-3.png)
All you need to do now is choose your next steps. All you need to do now is choose your next steps.
For example, you can isolate the device if the Severity of the Alert is High and send an email about it. For example, you can isolate the device if the Severity of the Alert is High and send an email about it.
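Review bot: The three image lines in this hunk (`api-flow-1.png` to `api-flow-3.png`) keep the alt text "Image of edit credentials" and only gain a digit, but the steps they illustrate are creating an automated Flow and selecting the Alerts trigger, not editing credentials. The caption looks carried over from another page; numbering it preserves the mismatch. Replace it with text that matches each step, for example the **My flows** > **New** menu and the trigger search.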
@ -63,7 +63,7 @@ The Alert trigger provides only the Alert ID and the Machine ID. You can use the
3. Set the **Alert ID** from the last step as **Input**. 3. Set the **Alert ID** from the last step as **Input**.
![Image of edit credentials](images/api-flow-4.png) ![Image of edit credentials5](images/api-flow-4.png)
### Isolate the device if the Alert's severity is High ### Isolate the device if the Alert's severity is High
@ -73,7 +73,7 @@ The Alert trigger provides only the Alert ID and the Machine ID. You can use the
If yes, add the **Microsoft Defender ATP - Isolate machine** action with the Machine ID and a comment. If yes, add the **Microsoft Defender ATP - Isolate machine** action with the Machine ID and a comment.
![Image of edit credentials](images/api-flow-5.png) ![Image of edit credentials6](images/api-flow-5.png)
3. Add a new step for emailing about the Alert and the Isolation. There are multiple email connectors that are very easy to use, such as Outlook or Gmail. 3. Add a new step for emailing about the Alert and the Isolation. There are multiple email connectors that are very easy to use, such as Outlook or Gmail.


@ -84,9 +84,9 @@ Field numbers match the numbers in the images below.
![Image of alert details pane with numbers](images/atp-siem-mapping13.png) ![Image of alert details pane with numbers](images/atp-siem-mapping13.png)
![Image of artifact timeline with numbers](images/atp-siem-mapping3.png) ![Image of artifact timeline with numbers1](images/atp-siem-mapping3.png)
![Image of artifact timeline with numbers](images/atp-siem-mapping4.png) ![Image of artifact timeline with numbers2](images/atp-siem-mapping4.png)
![Image machine view](images/atp-mapping6.png) ![Image machine view](images/atp-mapping6.png)
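Review bot: Only the two "artifact timeline" captions are changed here, and the unchanged last line still reads "Image machine view", which is missing "of" compared with its siblings. Worth fixing in the same pass. For `atp-siem-mapping3.png` and `atp-siem-mapping4.png`, consider saying what differs between the two timeline screenshots instead of appending 1 and 2.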


@ -92,17 +92,17 @@ The first example demonstrates how to connect Power BI to Advanced Hunting API a
- Click **Edit Credentials** - Click **Edit Credentials**
![Image of edit credentials](images/power-bi-edit-credentials.png) ![Image of edit credentials0](images/power-bi-edit-credentials.png)
- Select **Organizational account** > **Sign in** - Select **Organizational account** > **Sign in**
![Image of set credentials](images/power-bi-set-credentials-organizational.png) ![Image of set credentials1](images/power-bi-set-credentials-organizational.png)
- Enter your credentials and wait to be signed in - Enter your credentials and wait to be signed in
- Click **Connect** - Click **Connect**
![Image of set credentials](images/power-bi-set-credentials-organizational-cont.png) ![Image of set credentials2](images/power-bi-set-credentials-organizational-cont.png)
- Now the results of your query will appear as table and you can start build visualizations on top of it! - Now the results of your query will appear as table and you can start build visualizations on top of it!
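Review bot: The numbering scheme is inconsistent on the `power-bi-edit-credentials.png` line: it becomes "Image of edit credentials0", while "set credentials" in the same hunk starts at 1 and the same "edit credentials" caption is numbered from 1 in the Flow page of this commit. If numeric suffixes stay, use one starting index everywhere; descriptive captions (the **Edit Credentials** prompt, the **Organizational account** sign-in, the **Connect** button) would remove the need for a counter.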